<?php
# 文件名称:simplerule.php
# MetInfo在线反馈系统 
# Copyright (C) 长沙米拓信息技术有限公司 (http://www.metinfo.cn). All rights reserved.
defined( '_SYS' ) or die( 'No direct script access allowed' );
class C_simpleRule
{
	var $_name = 'SimpleRule';
	var $_section_id;
	var $_rule_id;
	var $_user_groups = array();
	var $_errors = array();
	function getInstance()
	{
		return new C_simpleRule;
	}
	function getSection()
	{
		return $this->_section_id;
	}
	function setSection($section)
	{
		$old = $this->_section_id;
		$db = C_loader::getDBO();
		if (!is_int($section))
		{
			$db->setQuery(
				'SELECT `id`' .
				' FROM `'.$db->_table_prefix.'access_sections`' .
				' WHERE `name` = '.$db->Quote($section)
			);
			$sectionId = (int) $db->loadResult();
		}
		else {
			$sectionId = (int) $section;
			$db->setQuery(
				'SELECT `name`' .
				' FROM `'.$db->_table_prefix.'access_sections`' .
				' WHERE `id` = '.(int) $sectionId
			);
			$section = $db->loadResult();
		}
		$this->_section_id = $sectionId;
		$this->_section_name = $section;
		return $old;
	}
	function getRuleId()
	{
		return $this->_rule_id;
	}
	function getRules($section = 'core', $type = 1)
	{
		$db = C_loader::getDBO();
		$db->setQuery(
			'SELECT a.*' .
			' FROM '.$db->_table_prefix.'access_rules AS a' .
			' INNER JOIN '.$db->_table_prefix.'access_sections AS s ON s.id = a.section_id' .
			' WHERE a.access_type = '.(int) $type .
			'  AND s.name = '.$db->quote($section) .
			' ORDER BY s.no_order, a.no_order, a.title'
		);
		$rules = $db->loadObjectList();
		if ($db->getErrorNum()) {
			return false;
		}
		return $rules;
	}
	function setRule($rule)
	{
		$old = $this->_rule_id;
		$db = C_loader::getDBO();
		if (!is_int($rule))
		{			
			$db->setQuery(
				'SELECT `id`' .
				' FROM `'.$db->_table_prefix.'access_rules`' .
				' WHERE `name` = '.$db->Quote($rule)
			);
			$ruleId = (int) $db->loadResult();
		}
		else {
			$ruleId = (int) $rule;
			$db->setQuery(
				'SELECT `name`' .
				' FROM `'.$db->_table_prefix.'access_rules`' .
				' WHERE `id` = '.(int) $ruleId
			);
			$rule = $db->loadResult();
		}		
		$this->_rule_id = $ruleId;
		$this->_rule_name = $rule;		
		return $old;
	}
	function getUserGroups()
	{
		return $this->_user_groups;
	}
	function setUserGroups($groups)
	{
		$old = $this->_user_groups;
		if (empty($groups)) {
			$this->_user_groups = array();
			return $old;
		}
		$ids = implode(',', $groups);
		$db = C_loader::getDBO();
		$db->setQuery(
			'SELECT `id`' .
			' FROM `'.$db->_table_prefix.'usergroups`' .
			' WHERE `id` IN ('.$ids.')'
		);
		$actualGroups = (array) $db->loadResultArray();
		$groups = array_intersect($groups, $actualGroups);
		$this->_user_groups = $groups;
		return $old;
	}

	function load($rule, $asset = null)
	{
		// 加载访问规则
		$this->setRule($rule);		
		if (empty($this->_rule_id)) {
			$this->setError(C_text::_('Access_Rule_Invalid'));
			return false;
		}
		// 获取数据库对象
		$db = C_loader::getDBO();
		$db->setQuery(
			'SELECT `section_id`' .
			' FROM `'.$db->_table_prefix.'access_rules`' .
			' WHERE `id` = '.(int) $this->_rule_id
		);
		$sectionId = (int) $db->loadResult();
		// 检测错误
		if ($db->getErrorNum()) {
			$this->setError($db->getErrorMsg());
			return false;
		}
		// 加载资源
		$this->setSection($sectionId);
		if (empty($this->_section_id)) {
			$this->setError(C_text::_('Access_Section_Invalid'));
			return false;
		}
		// 加载可访问此规则的用户组
		$db->setQuery(
			'SELECT `group_id`' .
			' FROM `'.$db->_table_prefix.'usergroup_rule_map`' .
			' WHERE `rule_id` = '.(int) $this->_rule_id
		);
		$groups = (array) $db->loadResultArray();
		// 检测
		if ($db->getErrorNum()) {
			$this->setError($db->getErrorMsg());
			return false;
		}
		// 设置用户组
		$this->_user_groups = $groups;
		return true;
	}
	function store()
	{
		/*
		 * 验证对象值
		 */
		// 验证资源
		if (empty($this->_section_id)) {
			$this->setError(C_text::_('Access_Section_Invalid'));
			return false;
		}
		// 验证访问规则
		if (empty($this->_rule_id)) {
			$this->setError(C_text::_('Access_Rule_Invalid'));
			return false;
		}
		$db = C_loader::getDBO();
	
		$this->_rule_type = 1;
		$ruleId = $this->_rule_id;
		// 如果访问规则不存在就创建一个
		if (empty($ruleId))
		{
			// 插入数据库
			$db->setQuery(
				'INSERT INTO `'.$db->_table_prefix.'access_rules` (`section_id`, `section`, `name`, `title`, `allow`, `enabled`, `access_type`) VALUES' .
				' ('.(int) $this->_section_id.', '.$db->Quote($this->_section_name).', '.$db->Quote($this->_rule_name).', "SYSTEM", 1, 1, '.(int) $this->_rule_type.')'
			);
			$db->query();
			// 检测
			if ($db->getErrorNum()) {
				$this->setError($db->getErrorMsg());
				return false;
			}
			// 获取插入的id号
			$ruleId = $db->insertid();
		}
		// 设置规则
		$this->_rule_id = (int) $ruleId;
		// 删除用户组到访问规则的关联
		$db->setQuery(
			'DELETE FROM `'.$db->_table_prefix.'usergroup_rule_map`' .
			' WHERE `rule_id` = '.(int) $this->_rule_id
		);
		$db->query();
		// 检测
		if ($db->getErrorNum()) {
			$this->setError($db->getErrorMsg());
			return false;
		}
		// 重新建立规则
		if (!empty($this->_user_groups))
		{
			$values = array();
			foreach ($this->_user_groups as $group)
			{
				$values[] = '('.(int) $group.', '.(int) $this->_rule_id.')';
			}
			$db->setQuery(
				'INSERT INTO `'.$db->_table_prefix.'usergroup_rule_map` (`group_id`, `rule_id`) VALUES ' .
				implode(', ', $values)
			);
			$db->query();
			// 检测
			if ($db->getErrorNum()) {
				$this->setError($db->getErrorMsg());
				return false;
			}
		}
		return true;
	}
	function setError($error)
	{
		array_push($this->_errors, $error);
	}
}
# 本程序是一个开源系统,使用时请你仔细阅读使用协议,商业用途请自觉购买商业授权.
# Copyright (C) 长沙米拓信息技术有限公司 (http://www.metinfo.cn). All rights reserved.
?>
